<?php
/*
 * [JINYUN!] (C)2001-2099 Jinyunweb.com
 * This is NOT a freeware, use is subject to license terms
 * $Id: 2018-02-26 14:03:35 apple $
 * 系统权限管理
*/
$_RQ['op']=$_RQ['op']?$_RQ['op']:'list';
$return=array();
$tabs=array(
	array('op'=>'list','title'=>'权限列表'),
	array('op'=>'edit','title'=>'添加权限'),
	array('op'=>'wait','title'=>'待设置权限页面'),
);
$return['types']=get_user_types();
$return['types']['0']='登陆即可访问';
if($_RQ['op']=='list'){
	$pindex = max(1, intval($_RQ['page']));
	$psize = 10;
	$params=array();
	if(isset($_RQ['type'])){
		$params['type']=intval($_RQ['type']);
		$return['params']['type']=$_RQ['type'];
	}
	if($_RQ['title']){
		$params['title like']='%'.trim($_RQ['title']).'%';
		$return['params']['title']=$_RQ['title'];
	}
    $fields=array('id','title','action','op','type');
    $orderby='id desc';
	$total='';
	$return['list']=pdo_getslice('core_permissions',$params,array($pindex,$psize),$total,$fields,'',$orderby);
	$totalpage=ceil($total/$psize);
	$totalpage=intval($totalpage);
	$return['totalpage'] =$totalpage;
	$return['params']['page'] =$pindex;
	$htmls=array(
		'type'=>'list',
		'tabs'=>$tabs,
		'list'=>array('data'=>'list','del_message'=>'确定删除该权限数据吗？删除后，所有用户无需登陆即可访问该功能页面！','tip'=>'所有权限列表中的功能均需登陆方可访问。根据功能要求等级，允许不同等级的账号使用。如需要求功能页面无需登陆即可访问，则从权限数据表中删除该权限要求。','list'=>array(
			array('name'=>'title','title'=>'功能名称','type'=>'string'),
			array('name'=>'action','title'=>'功能action','type'=>'string'),
			array('name'=>'op','title'=>'功能op','type'=>'string'),
			array('name'=>'type','title'=>'要求等级','type'=>'radio','options'=>'types')
		)),
		'search_one'=>array('name'=>'title','select_name'=>'type','is_radio'=>true,'options'=>'types'),
	);
	$return['htmls']=$htmls;
	exi($return);
}
if($_RQ['op']=='edit'){
	$id=intval($_RQ['id']);
	if($id){
		$item=pdo_get('core_permissions',array('id'=>$id));
	}else{
		$item=array();
		//给系统检测出的未设置权限功能页面添加权限
		$action=trim($_RQ['name']);
		if($action){
			$item['action']=$action;
		}
	}
    $return['item']=$item;
	$htmls=array(
		'type'=>'edit',
		'post'=>'post',
		'desc'=>'设置权限',
		'tabs'=>$tabs,
		'edit'=>array(
			array('name'=>'title','title'=>'功能名称','type'=>'string'),
			array('name'=>'action','title'=>'功能action','type'=>'string'),
			array('name'=>'op','title'=>'功能op','type'=>'string'),
			array('name'=>'type','title'=>'要求等级','type'=>'radio','options'=>'types','help'=>'设置的等级为访问页面所需最低等级')
			)
	);
	$return['htmls']=$htmls;
	exi($return);
}
if($_RQ['op']=='post'){
	$postdata=get_postdata();
	if(!isset($postdata['type'])){
	    exi('请设置等级','error');
	}
	if(!isset($postdata['title'])){
	    exi('请设置功能名称','error');
	}
	if(!isset($postdata['action'])){
	    exi('请设置功能action','error');
	}
	$data=array(
	    'title'=>$postdata['title'],
	    'op'=>$postdata['op'],
	    'action'=>$postdata['action'],
	    'type'=>intval($postdata['type']),
	    );
	$id=intval($postdata['id']);
	if($id){
		pdo_update('core_permissions',$data,array('id'=>$id));
		exi('设置成功！','','list');
	}else{
		pdo_insert('core_permissions',$data);
		exi('添加成功！','','list');
	}
}
if($_RQ['op']=='del'){
	$id=intval($_RQ['id']);
	if($id){
		pdo_delete('core_permissions',array('id'=>$id));	
	}
	$del=trim($_RQ['del'],';');
	if($del){
		$del=explode(';',$del);
		foreach($del as $id){
			$id=intval($id);
			if($id){
				pdo_delete('core_permissions',array('id'=>$id));
			}
		}
	}
	exi('删除成功！');
}
if($_RQ['op']=='wait'){
	//待设置权限页面
	$files=cfc('files')->file_tree(ROOT_D.'/manage/actions',array(),array('.php'));
	
	foreach($files as $key=>&$file){
		$file=substr($file,1,-4);
		$file=str_replace('/','.',$file);
		$check=pdo_getcolumn('core_permissions',array('action'=>$file),'id');
		if(!$check){
			$file=array('name'=>$file);
		}else{
			unset($files[$key]);
		}
		
	}
	$return['list']=$files;
	$return['htmls']=array(
		'type'=>'list',
		'tabs'=>$tabs,
		'list'=>array('tip'=>'此处显示所有未设置权限限制的功能页面。其中部分页面可能本身无需设置额外权限（无需登陆即可直接访问）？请视情况添加权限！','data'=>'list','delall'=>false,'del_one'=>false,'edit'=>false,'pagelist'=>false,'key'=>'name','list'=>array(
			array('type'=>'string','name'=>'name','title'=>'功能页面标识'),
		),'action'=>array(
			array('type'=>'href','op'=>'edit','title'=>'设置权限'),
		)),
	);
	exi($return);
}

?>